BSides Presentation

BSides @Arctic Wolf, sharing insights into "Code Noir: Malware in Layers – Reverse Engineering"
🕵️‍♂️ My presentation focused on dissecting the Nanocore RAT, a resilient and evolving threat used by state-sponsored and emerging cyber threat groups. Through a multi-layered reverse engineering approach, I demonstrated how uncovering hidden payloads and understanding evasion techniques directly contribute to enhancing threat intelligence.
🔍 Key takeaways included:
Identifying Zero-Day Exploits: By analyzing Nanocore’s layers, I showcased how to detect previously unknown threats and extract critical Indicators of Compromise (IOCs).
Generating Actionable Threat Intelligence: Reverse engineering allowed us to map threat actor intentions and behaviors, feeding valuable data into threat intelligence platforms to predict and mitigate future threats.
Supporting Proactive Defense: The session emphasized the importance of threat hunting and leveraging IOCs and BIOCs to improve threat detection and response strategies.
💡 This process of peeling back the layers of malware not only aids in immediate threat mitigation but also strengthens long-term security postures by enriching threat intelligence repositories with high-fidelity data.